Skip to main content
Mitratech Success Center

Obligations Module Security

Assignments are additive

If User has access to an obligation by at least one rule - User is able to see the Obligation

If User has access to an obligation with some Role by at least one rule - User is able to do all operations with the Obligation which the Role allows

 

Custom Assignments

Applicable to: an Obligation with Custom Assignments

Access granted to:

  1. Users that are selected in Obligation page / Assignments tab
    • with roles from Admin / Users / Edit dialog
  2. Members of User Groups that are selected in Obligation page / Assignments tab
    • with roles from Add Assignment dialog - if Consider Roles option of User Group is enabled
    • with roles from Admin / Users / Edit dialog - if Consider Roles option of User Group is disabled

 

Company Defaults

Applicable to: all Obligation

Access granted to:

  1. Users that are selected in Admin / User Groups / Default User Groups page / Default Obligation Assignments section
    • with roles from Admin / Users / Edit dialog
  2. Members of User Groups that are selected in Admin / User Groups / Default User Groups page / Default Obligation Assignments section
    • with roles from Add Assignment dialog - if Consider Roles option of User Group is enabled
    • with roles from Admin / Users / Edit dialog - if Consider Roles option of User Group is disabled

 

Owner

Applicable to: all Obligations

Access granted to:

  1. User that created the Obligation.
    • with roles that user has against Active Obligation Applicabilities' Org Unit / Entity pairs (including assignments of User Groups the user is member of)

Note: Even if User is not assigned to at least one of Active Obligation Applicability's Org Unit / Entity pairs - user has access to the Obligation.

 

Obligations without Applicability Rules (shown as Inherited on Assignments Panel)

Applicable to: Obligations without Applicability-Rules

Access granted to:

  1. All Users
    • with roles from Admin / Users / Edit dialog - if the Obligation does not have Applicability.

 

Assignments based on Applicability Rules (shown as Inherited on Assignments Panel)

Applicable to: Obligations with Applicability-Rules

Applicability-Rule based assignments are additive

Each applicability-rule grants more users with access to the obligation

 

Applicability-Rule Type: Org Unit with Multiple Entities

Access granted to:

  1. Users that are given access to selected Org Unit / Entity pairs
    • with roles from Admin / Users / Edit Assignments page that meet Role-Requirements
  2. Members of User Groups that are given access to selected Org Unit / Entity pairs
    • with roles from Admin / User Groups / Edit Assignments page that meet Role-Requirements - if Consider Roles option of User Group is enabled
    • with roles from Admin / Users / Edit dialog that meet Role-Requirements - if Consider Roles option of User Group is disabled

Role-Requirements:

  • Obligation Type of Obligation must be selected for Role on Admin / Roles / Edit page / Obligation Permissions section / Type Restrictions popup

this role-requirement is applied only for Obligations with Obligation Type selected

Note: If User or User Group is assigned to selected Org Unit / Entity pairs, but Role-Requirements are not met - user does not have access to the Obligation

 

 

Applicability-Rule Type: Org Unit with Multiple Entities

Access granted to:

  1. Users that are given access to any of Org Unit / Entity pairs that is matched by selected triple Org Unit / Include Sub Org Units option / Entity Type
    • with roles from Admin / Users / Edit Assignments page that meet Role-Requirements
  2. Members of User Groups that are given access any of Org Unit / Entity pairs that is matched by selected triple Org Unit / Include Sub Org Units option / Entity Type
    • with roles from Admin / User Groups / Edit Assignments page that meet Role-Requirements - if Consider Roles option of User Group is enabled
    • with roles from  Admin / Users / Edit dialog that meet Role-Requirements - if Consider Roles option of User Group is disabled

Role-Requirements:

  • Obligation Type of Obligation must be selected for Role on Admin / Roles / Edit page / Obligation Permissions section / Type Restrictions popup

this role-requirement is applied only for Obligations with Obligation Type selected

Note: If User or User Group is assigned to any of matched Org Unit / Entity pairs, but Role-Requirements are not met - user does not have access to the Obligation

 

  • Was this article helpful?